<?php

if(!defined('IN_AACMS') || !defined('IN_ADMINCP')) {
	exit('Access Denied');
}

$mpurl = "action=comment&operation=messageboard_list&page=".($_GET['page']?$_GET['page']:1);

if($operation == 'messageboard_list') {

	if(submitcheck('listsubmit')) {
		
		$ids = dimplode($_POST['ids']);
				
		if(!$ids) {
			cpmsg('choose_at_least_one_content', $purl, 'error');
		}
		if(!$_POST['optype']) {
			cpmsg('choose_at_least_one_operation', $purl, 'error');
		}
		
		if($_POST['optype'] == 'delete') {
			$result = DB::delete('message_board', "mid IN($ids)");
			if($result) {
				cpmsg('operation_succeed', $mpurl, 'succeed');	
			} else {
				cpmsg('operation_error', $mpurl, 'error');	
			}
		}
		
		if($_POST['optype'] == 'validate') {
			$result = DB::query("UPDATE ".DB::table('message_board')." SET status='0' WHERE mid IN($ids)");
			if($result) {
				cpmsg('operation_succeed', $mpurl, 'succeed');	
			} else {
				cpmsg('operation_error', $mpurl, 'error');	
			}
		}
	}
		
	$perpage = 10;
	$page = $_GET['page'] ? max(intval($_GET['page']), 1) : 1;
	$start = ($page - 1) * $perpage;
	
	$count = DB::getOne("SELECT COUNT(*) FROM ".DB::table('message_board'));				
	$list = DB::getAll("SELECT * FROM ".DB::table('message_board')." ORDER BY mid DESC LIMIT $start,$perpage");
	
	$multipage = multi($count, $perpage, $page, ADMINSCRIPT.'?action=comment&operation=messageboard_list');
	
	include template('messageboard_list', 'admin');
	
} elseif($operation == 'messageboard_validate') {
	
	$mid = intval($_GET['mid']);
	$status = intval($_GET['status']);

	$result = DB::query("UPDATE ".DB::table('message_board')." SET status='$status' WHERE mid='$mid'");
	if($result) {
		cpmsg('operation_succeed', $mpurl, 'succeed');	
	} else {
		cpmsg('operation_error', $mpurl, 'error');	
	}
	
	
} elseif($operation == 'messageboard_reply') {
	
	$mid = intval($_POST['mid']);
	$reply = trim($_POST['reply']);
	
	$result = DB::query("UPDATE ".DB::table('message_board')." SET reply='$reply' WHERE mid='$mid'");
	if($result) {
		cpmsg('operation_succeed', $mpurl, 'succeed');	
	} else {
		cpmsg('operation_error', $mpurl, 'error');	
	}

} elseif($operation == 'messageboard_delete') {

	$mid = intval($_GET['mid']);
	
	$result = DB::delete('message_board', "mid='$mid'");
	if($result) {
		cpmsg('operation_succeed', $mpurl, 'succeed');	
	} else {
		cpmsg('operation_error', $mpurl, 'error');	
	}
	
}







?>